Alik Levin's

Clarity, Technology, and Solving Problems | PracticeThis.com

How To: Use AD FS Endpoints When Developing Claims Aware WCF Services Using WIF

How To: Use AD FS Endpoints When Developing Claims Aware WCF Services Using WIF

Rate This
  • Comments 0
Programming Windows Identity Foundation

This post is based on WIF Built-in Bindings Overview and AD FS Endpoints. This information should provide a more cohesive view for developers when developing claims aware WCF services using AD FS and WIF.

There are 30 scenarios here. Working on guidance when to use what.

WS-Trust 1.3 endpoints

AD FS Endpoint

WCF Binding

/adfs/services/trust/13/windows Trust13WindowsMessage
WindowsWSTrustBinding windowsTrust13MessageBinding = new WindowsWSTrustBinding();

 

AD FS Endpoint

WCF Binding

/adfs/services/trust/13/windowsmixed Trust13WindowsMixed
WindowsWSTrustBinding windowsTrust13MixedBinding = 
                       new WindowsWSTrustBinding(SecurityMode.TransportWithMessageCredential);

 

AD FS Endpoint

WCF Binding

/adfs/services/trust/13/windowstransport Trust13WindowsTransport
WindowsWSTrustBinding windowsTrust13TransportBinding =
                                                            new WindowsWSTrustBinding(SecurityMode.Transport);

 

AD FS Endpoint

WCF Binding

/adfs/services/trust/13/certificate Trust13CertificateMessage
CertificateWSTrustBinding certificateTrust13MessageBinding = new CertificateWSTrustBinding();

 

AD FS Endpoint

WCF Binding

/adfs/services/trust/13/certificatemixed Trust13CertificateMixed
CertificateWSTrustBinding certificateTrust13MixedBinding = 
                        new CertificateWSTrustBinding(SecurityMode.TransportWithMessageCredential);

 

AD FS Endpoint

WCF Binding

/adfs/services/trust/13/certificatetransport Trust13CertificateTransport
CertificateWSTrustBinding certificateTrust13TransportBinding = 
                                                              new CertificateWSTrustBinding(SecurityMode.Transport);

 

AD FS Endpoint

WCF Binding

/adfs/services/trust/13/username Trust13UserNameMessage
UserNameWSTrustBinding userNameTrust13MessageBinding = new UserNameWSTrustBinding();

 

AD FS Endpoint

WCF Binding

/adfs/services/trust/13/usernamemixed Trust13UserNameMixed

UserNameWSTrustBinding userNameTrust13MixedBinding =
                         new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential);

 

AD FS Endpoint

WCF Binding

/adfs/services/trust/13/usernamebasictransport Trust13UserNameBasicTransport

UserNameWSTrustBinding userNameTrust13TransportBasicBinding =
            new UserNameWSTrustBinding(SecurityMode.Transport, HttpClientCredentialType.Basic);

 

AD FS Endpoint

WCF Binding

N/A Trust13UserNameDigestTransport

UserNameWSTrustBinding userNameTrust13TransportDigestBinding =
          new UserNameWSTrustBinding(SecurityMode.Transport, HttpClientCredentialType.Digest);

 

AD FS Endpoint

WCF Binding

/adfs/services/trust/13/kerberosmixed Trust13KerberosMixed

KerberosWSTrustBinding kerberosTrust13MixedBinding = 
                           new KerberosWSTrustBinding(SecurityMode.TransportWithMessageCredential);

 

WS-Trust 1.3 Issued Token endpoints

AD FS Endpoint

WCF Binding

/adfs/services/trust/13/issuedtokenasymmetricbasic256 Trust13IssuedTokenAsymmetricBasic256

IssuedTokenWSTrustBinding issuedTokenBinding = new IssuedTokenWSTrustBinding();
issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey;

 

AD FS Endpoint

WCF Binding

/adfs/services/trust/13/issuedtokenmixedasymmetricbasic256 Trust13IssuedTokenMixedAsymmetricBasic256

IssuedTokenWSTrustBinding issuedTokenBinding = new IssuedTokenWSTrustBinding();
issuedTokenBinding.SecurityMode = SecurityMode.TransportWithMessageCredential;
issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey;

 

AD FS Endpoint

WCF Binding

/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256 Trust13IssuedTokenMixedSymmetricBasic256

IssuedTokenWSTrustBinding issuedTokenBinding = new IssuedTokenWSTrustBinding(); 
issuedTokenBinding.SecurityMode = SecurityMode.TransportWithMessageCredential;

 

AD FS Endpoint

WCF Binding

/adfs/services/trust/13/issuedtokensymmetricbasic256 Trust13IssuedTokenSymmetricBasic256

 

WS-Trust 2005 endpoints

AD FS Endpoint

WCF Binding

/adfs/services/trust/2005/windows TrustFeb2005WindowsMessage

WindowsWSTrustBinding windowsTrustFeb2005MessageBinding = new WindowsWSTrustBinding();
windowsTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

 

AD FS Endpoint

WCF Binding

/adfs/services/trust/2005/windowsmixed TrustFeb2005WindowsMixed

WindowsWSTrustBinding windowsTrustFeb2005MixedBinding = 
                            new WindowsWSTrustBinding(SecurityMode.TransportWithMessageCredential);
windowsTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

 

AD FS Endpoint

WCF Binding

/adfs/services/trust/2005/windowstransport TrustFeb2005WindowsTransport

WindowsWSTrustBinding windowsTrustFeb2005TransportBinding =
                                                                 new WindowsWSTrustBinding(SecurityMode.Transport);
windowsTrustFeb2005TransportBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

 

AD FS Endpoint

WCF Binding

/adfs/services/trust/2005/certificate TrustFeb2005CertificateMessage

CertificateWSTrustBinding certificateTrustFeb2005MessageBinding =
                                                                                                      new CertificateWSTrustBinding();
certificateTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

 

AD FS Endpoint

WCF Binding

/adfs/services/trust/2005/certificatemixed TrustFeb2005CertificateMixed

CertificateWSTrustBinding certificateTrustFeb2005MixedBinding = 
                            new CertificateWSTrustBinding(SecurityMode.TransportWithMessageCredential);
certificateTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

 

AD FS Endpoint

WCF Binding

/adfs/services/trust/2005/certificatetransport TrustFeb2005CertificateTransport

CertificateWSTrustBinding certificateTrustFeb2005TransportBinding =
                                                                new CertificateWSTrustBinding(SecurityMode.Transport);
certificateTrustFeb2005TransportBinding.TrustVersion = TrustVersion.WSTrustFeb2005;


 

AD FS Endpoint

WCF Binding

/adfs/services/trust/2005/username TrustFeb2005UserNameMessage

UserNameWSTrustBinding userNameTrustFeb2005MessageBinding =
                                                                                                      new UserNameWSTrustBinding();
userNameTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

 

AD FS Endpoint

WCF Binding

/adfs/services/trust/2005/usernamemixed TrustFeb2005UserNameMixed

UserNameWSTrustBinding userNameTrustFeb2005MixedBinding =
                           new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential);
userNameTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

 

AD FS Endpoint

WCF Binding

/adfs/services/trust/2005/usernamebasictransport TrustFeb2005UserNameBasicTransport

UserNameWSTrustBinding userNameTrustFeb2005TransportBasicBinding = 
               new UserNameWSTrustBinding(SecurityMode.Transport, HttpClientCredentialType.Basic);
userNameTrustFeb2005TransportBasicBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

 

AD FS Endpoint

WCF Binding

TrustFeb2005UserNameDigestTransport

UserNameWSTrustBinding userNameTrustFeb2005TransportDigestBinding = 
              new UserNameWSTrustBinding(SecurityMode.Transport, HttpClientCredentialType.Digest);
userNameTrustFeb2005TransportDigestBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

 

AD FS Endpoint

WCF Binding

/adfs/services/trust/2005/kerberosmixed TrustFeb2005KerberosMixed

KerberosWSTrustBinding kerberosTrustFeb2005MixedBinding =
                               new KerberosWSTrustBinding(SecurityMode.TransportWithMessageCredential);
kerberosTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

 

WS-Trust 2005 Issued Token endpoints

AD FS Endpoint

WCF Binding

/adfs/services/trust/2005/issuedtokenasymmetricbasic256 TrustFeb2005IssuedTokenAsymmetricBasic256
issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey;
issuedTokenBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

 

AD FS Endpoint

WCF Binding

/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256 TrustFeb2005IssuedTokenMixedAsymmetricBasic256
issuedTokenBinding.SecurityMode = SecurityMode.TransportWithMessageCredential;
issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey;
issuedTokenBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

 

AD FS Endpoint

WCF Binding

/adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256 TrustFeb2005IssuedTokenMixedSymmetricBasic256
issuedTokenBinding.SecurityMode = SecurityMode.TransportWithMessageCredential;
issuedTokenBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

 

AD FS Endpoint

WCF Binding

/adfs/services/trust/2005/issuedtokensymmetricbasic256 TrustFeb2005IssuedTokenSymmetricBasic256

issuedTokenBinding.TrustVersion = TrustVersion.WSTrustFeb2005;